View Single Post
  #1   (View Single Post)  
Old 31st March 2010
J65nko J65nko is online now
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,990
Default PDF exploit requires no specific security hole to function


Bad news: PDF security specialist Didier Stevens has developed a PDF document which is capable of infecting a PC – without exploiting a specific vulnerability. The demo exploit works both in Adobe Reader and in Foxit. Stevens says he used the "Launch Actions/Launch File" option, which can even start scripts and EXE files that are embedded in the PDF document. This option is part of the PDF specification.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote